Consider investing in Network Access Control and Identity Management solutions. This will simplify network access management by streamlining policy deployment to specific user profiles. Pre-configure role access and deploy it to the users that need it, blocking those who do not meet the criteria. This is especially important for work from home environments where users should access only what their roles allow them to access; no more, no less. This will help you protect data from insider threats, and help prevent accidental data leaks.

First, you need to understand your attack surface; everywhere people are trying to access your network.  Then tighten your security policy to define where, how, to whom and under what circumstances you will grant network access. Lastly, choose a NAC solution from a knowledgeable partner and determine how you will phase NAC into your environment.  We've found the best results when beginning with one type of access such as wireless access, or group of users such as operations, and then methodically moving through the rest of the deployment.

If you aren’t sure where to start, check out our security risk assessment offering. It can help you identify where you need to improve your access policies, and whether your current practices are creating vulnerabilities.  

Zero Trust is not a product. It is a security approach or methodology.  In the past, networks, server ports, etc. were open by default and IT teams would close them to traffic they didn't want to allow.  With the proliferation of security threats, the old strategy no longer works.  Today, you should start with Zero Trust, everything closed to everybody, and then open access to only those people and devices that you know and trust.

This methodology restricts access from non-compliant devices, and strictly adheres to access standards. Users are granted specific access based on their roles and permissions. This strategy is important because it limits data leaks due to insider threats, while protecting privileged data. It’s an efficient method for improving access visibility and simplifying security management because you know who is accessing what, and when.

Consider the following steps: 

1: Review the Zero Trust framework and try to identify where your organization might be vulnerable. 

2: Once you have a plan in place to incorporate your Zero Trust strategy, buy the solutions that you think address your needs. Looks for tools that integrate or work well together.

3: Test. Keep analyzing your environment to stay on top of vulnerabilities and detect cyber threats. You can analyze your chosen solutions to identify better utilization opportunities, and whether they are meeting your needs. A good security posture has multiple tools providing layers of defense to make it difficult for attackers.

If you still aren’t sure where to start, don’t have the time to develop a plan, or simply need some expert advice, consider our security risk assessment offering to accelerate the process.